Being at a corporation normalizes sociopathy to some extent. The phrase: “It’s business, not personal”, outlines it well.
It is ok to harm another group of people financially and even personally because that’s what “business does”. Degradation being a ratchet that calcifies unethical behavior doesn’t help. Companies tend to get less ethical the older and larger they become.
> Being at a corporation normalizes sociopathy to some extent. The phrase: “It’s business, not personal”, outlines it well
The phrase essentially describes subsuming individuality in favour of group interests. You see similar refrains in militaries, monarchies, non-profits and HOAs.
You presumably had a working 2fa app already, but off the cuff decide to switch to new unvetted variant X; basically unknown auth system after reading a few paragraphs of text in an afternoon?
Ente is extremely well known in the privacy circles, so this is not just some random company with a random app out of nowhere.
Check PrivacyGuides for example.
Here’s where it was added to PrivacyGuides - https://github.com/privacyguides/privacyguides.org/issues/36.... The person opening the issue is the CEO of ente. So the CEO of ente gets his company mentioned in PrivacyGuides back when it was new and that makes it more legit?
PrivacyGuides goes through their own process of vetting (whether you would agree with their process or not that’s another topic) so I think the discussion to add Ente Photos is the more relevant link
https://discuss.privacyguides.net/t/ente-photo-management/11...
> PrivacyGuides goes through their own process of vetting ... so I think the discussion
The discussion is not all that relevant as PrivacyGuides does not rely solely on community input. The core team pretty much generates content and lists recommendations based on (what they claim is) their own research (which isn't saying much).
The forum and community really give us a lot of external insights, with the voting system letting us poll how popular something is.
While we put a very heavy importance on the community consensus, it is mostly up to the team to decide what comes and goes, where more heavy decisions require more votes...
A reason why it has never really been written out is that policies can be gamed, and the team really wants to be able to veto decisions...
As far as "evaluating"/reviewing tools the methods to do so are not documented...
While I would have the same reaction, in this case I think it is a sane decision. Ente is cornering the privacy market and I think they're doing a great job. They have a lot to lose (trust) and it would be stupid if they did something shady with the data entered in the 2FA app.
Not knowing them, how could OP trust them instantly? Whether they really have that trust or not, you have to know them for a while and from many different trustable sources. The story is a bit strange.
> new unvetted variant X; basically unknown auth system
Valid concerns. In the case of Ente Auth though, it is used by folks working at CERN [0], who also sponsored a recent security audit: https://ente.com/blog/cern-audit/
They just store tokens, without other FA at "worst" you get locked of your account but nobody else has access either. You're also supposed to, as good practice, not be limited to token generation and typically have a dozen or so of recovery tokens. Also if they were somewhat not working at doing the 1 task they should do, namely generate tokens, then you won't be able to use them so it won't even be added.
So... I might be missing something, can you please explain what worries you and why I should thus worry too?
Not saying they’re a paid promoter. But if I paid someone to speak about my newly launched product, they’d say something exactly like that. “Never heard of these guys before, but I loved their other product you’ve never heard of. I’m super excited to try this one!”
The people who crave that money and influence tend to be control freak psycho/sociopaths. They need to feel superior to others because deep down they don’t/can’t value themselves. They don’t even know what they’re competing/fighting for anymore. They just can’t stop because they know no other way.
It "works" but it is significantly less useful. Notification mirroring doesn't work, you can't read/respond to text messages, it can't reliably run in the background.
These are all due to limitations imposed by Apple.
Regarding notifications, both iOS and android doesn't support reading and responding to text messages. The feature works on android because of a workaround: apps create a global notification listener and they can also interact with notification - read UI contents and respond.
I know it's still better than not having a workaround at all like in iOS. But just pointing out that Google probably never meant to let others access notification mirroring.
Awesome! Let me introduce you to our latest menu item! Heroin chips with meth dipping sauce. One bite and your agency will have you coming back for seconds, then minutes, then a lifetime (however short).
I hope you enjoy spending all of your mental energy self-reflecting to kick the addiction.
The intent isn’t to defraud. The intent is to curb their uninvited data collection and anti-utility influence on the internet.
You’re not defrauding anyone if you have your extension click all ads in the background and make a personalized list for you that you can choose to review.
>The intent isn’t to defraud. The intent is to curb their uninvited data collection and anti-utility influence on the internet.
How's this any different than going around and filling out fake credit applications to stop "uninvited data collection" by banks/credit bureaus or whatever?
>The intent is convenience and privacy, not fraud.
You're still harming the business, so my guess would be something like tortious interference.
In a credit application there is a signature and binding contract. If I fill in false information knowingly, the intent is clear and written.
If you send me an unsolicited mailer with a microchip that tracks my eyes and face as I read it, you’ve already pushed too far. To then claim my using a robot to read it for me is fraud ignores the invasion of privacy you’ve already instituted without my express consent (digital ads are this).
It’s not fraud if it’s self-defense from corporate overreach.
I am super curious how far this goes. If, hypothetically, I wore some sort of glasses that kept facial recognition from identifying and tracking me at my local grocery store, would that constitute a civil infringement in the future?
What about extensions that skip embedded ads in a YouTube video? Is that tortuous interference with the view counter that creators use to market their reach?
>How's this any different than going around and filling out fake credit applications to stop "uninvited data collection" by banks/credit bureaus or whatever?
It's so different that it can't even be compared. There's nothing similar there.
>>The intent is convenience and privacy, not fraud.
> You're still harming the business, so my guess would be something like tortious interference.
No, you're not harming the business. You're simply not following the business idea of the "business". Anyone can have a business idea of some type. Not a single person on earth has any obligation to fulfill that business idea. But somehow some people believe the opposite.
reply